allow auth backends to throw exceptions to give verbose error why password changing failed, auth_ads does now password strength check (even if not configured), as this is most likely cause for not changed password

2024-12-22 06:30:59 +01:00 · 2013-06-23 10:46:26 +00:00 · 2013-06-23 10:46:26 +00:00 · 293d395472
commit 293d395472
parent c44be3ee6d
3 changed files with 30 additions and 12 deletions
--- a/phpgwapi/inc/class.auth.inc.php
+++ b/phpgwapi/inc/class.auth.inc.php
@ -679,6 +679,7 @@ interface auth_backend
 	 * @param string $old_passwd must be cleartext
 	 * @param string $new_passwd must be cleartext
 	 * @param int $account_id account id of user whose passwd should be changed
+	 * @throws Exception to give a verbose error, why changing password failed
 	 * @return boolean true if password successful changed, false otherwise
 	 */
 	function change_password($old_passwd, $new_passwd, $account_id=0);
--- a/phpgwapi/inc/class.auth_ads.inc.php
+++ b/phpgwapi/inc/class.auth_ads.inc.php
@ -99,6 +99,7 @@ class auth_ads implements auth_backend
 	 * @param string $new_passwd must be cleartext
 	 * @param int $account_id account id of user whose passwd should be changed
 	 * @return boolean true if password successful changed, false otherwise
+	 * @throws egw_exception_wrong_userinput
 	 */
 	function change_password($old_passwd, $new_passwd, $_account_id=0)
 	{
@ -124,6 +125,20 @@ class auth_ads implements auth_backend
 			//error_log(__METHOD__."() old password '$old_passwd' for '$username' is wrong!");
 			return false;
 		}
-		return $adldap->user()->password($username, $new_passwd);
+		try {
+			return $adldap->user()->password($username, $new_passwd);
+		}
+		catch (Exception $e) {
+			// as we cant (todo) detect what the problem is, we do a password strength check and throw it's message, if it fails
+			if (($error = auth::crackcheck($new_passwd)))
+			{
+				throw new egw_exception_wrong_userinput($error);
+			}
+			else
+			{
+				throw new egw_exception(lang('Failed to change password.  Please contact your administrator.').' ('.$e->getMessage().')');
+			}
+		}
+		return false;
 	}
 }
--- a/preferences/inc/class.uipassword.inc.php
+++ b/preferences/inc/class.uipassword.inc.php
@ -63,8 +63,9 @@ class uipassword
 				//_debug_array($bofelamimail->ogServer);
 				$smtpClassName = get_class($bofelamimail->ogServer);
 			}
-			$GLOBALS['egw']->template->set_var('sql_message',($smtpClassName!='emailadmin_smtp_sql'?lang('note: This feature does *not* change your email password. This will '
-				. 'need to be done manually.'):''));
+			$GLOBALS['egw']->template->set_var('sql_message',
+				$smtpClassName != 'defaultsmtp' ? '' :
+					lang('note: This feature does *not* change your email password. This will need to be done manually.'));
 		}

 		if($_POST['change'])
@ -102,19 +103,20 @@ class uipassword
 				$errors[] = $error_msg;
 			}

-			if(is_array($errors))
-			{
-				common::egw_header();
-				echo parse_navbar();
-				$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));
-				$GLOBALS['egw']->template->pfp('out','form');
-				common::egw_exit(True);
+			// allow auth backends to throw exceptions and display there message
+			try {
+				$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
+			}
+			catch (Exception $e) {
+				$errors[] = $e->getMessage();
 			}

-			$passwd_changed = $this->bo->changepass($o_passwd, $n_passwd);
 			if(!$passwd_changed)
 			{
-				$errors[] = lang('Failed to change password.  Please contact your administrator.');
+				if (!$errors)	// if we have no specific error, add general message
+				{
+					$errors[] = lang('Failed to change password.  Please contact your administrator.');
+				}
 				common::egw_header();
 				echo parse_navbar();
 				$GLOBALS['egw']->template->set_var('messages',common::error_list($errors));